Tougher rules will come into force later this month over the control of online data - and here is everything you need to know.

The General Data Protection Regulation (GDPR) will be introduced across Europe on Friday, May 25.

The regulation is a piece of legislation which will impact any companies or organisations which process the data of an EU citizen. This will apply whether the company is based in the EU or not.

Crucially for consumers, it will give people more rights over their own information.

Britain's protracted leave of the European Union, Brexit, does not even throw a spanner in the works either, as the Government is implementing the Data Protection bill, which mirrors the GDPR with only a couple of changes.

So, what do you need to know about GDPR ahead of the deadline? Our sister title, The Mirror broke down everything you need to know.

GDPR will come into power on May 25 (Image: Getty)

Who will see the impact of GDPR?

There are 99 articles within the legislation, which set out the rights of individuals and the obligations of organisations that are classed as either 'controllers' or 'processors'.

Controllers direct the collection of information while processors actually carry out actions on the data. The two are not mutually exclusive - a company can be a controller and a processor.

Read More

Article 3 of the GDPR states that the regulation applies to the processing of personal data "in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not."

Even if the company processing the data isn't based in the EU - if they are offering goods or services to EU citizens, they are still bound by the regulation.

The regulation also lays out special categories of data - such as political or sexual orientation - that require explicit written consent. There are also more stringent rules in place for children under the age of 16.

A keyboard with a green button Data Protection (Image: Getty)

What does it mean for you?

For consumers, it brings new powers that require firms to get clear consent from users before processing their data, as well as grants users a right to easily access the data collected from them and transparency on how it is being used.

Therefore, you are able to request copies of your data from any company, free of charge and should have it supplied to you within a month.

It also requires companies to tidy up their privacy policies to make them clearer and more transparent for users - which is why you're likely to see a spate of emails come through from services you use asking you to take a look at their revised privacy policies.

Read More

Is it really that serious?

Part of the reason companies are taking such notice of GDPR is that the fines involved for noncompliance are huge.

For the most serious breaches, regulators will be able to issue penalties equivalent of up to four per cent of annual global turnover or 20 million euros - whichever is greater.

Less serious breaches can still attract a 10 million fine or two per cent of global turnover with all the proceeds of the fine being handed over to the treasury.

For giant companies, these fines could run into hundreds of millions. But it's also a chance for companies to engage with their customers.

Companies will need to comply with GDPR or risk massive fines (Image: Getty)

What difference will it make?

In many cases it has already started making a difference.

A number of large technology and internet companies have started the process of making data practices more transparent with the potential threat of large fines if not adhered to.

Facebook and Twitter have started updating their privacy policies, to add clearer language and descriptions of data use, as well as offering more tools to users to share or remove their personal data from the platform, as is required by GDPR.